Lead Image © Putzen, 123RF.com

Lead Image © Putzen, 123RF.com

Cleaning up your Linux server

Housekeeping

Article from ADMIN 40/2017
By
Even in the best environments, a little housekeeping is necessary.

Housekeeping is one of the many duties bestowed on the overburdened backs of system administrators, but it is one that keeps the house in order, keeps backups small, and keeps servers running efficiently. A full filesystem can stop services and disallow logins, so it is imperative that you keep a watchful eye on critical filesystems. To maintain a healthy system, you should spend a few minutes every day on housekeeping chores.

Three directories require special attention when you are tidying up your Linux space: /tmp, /home, and /var.

The /tmp Directory

The /tmp directory exists on every Linux system and is writable by every user on the system, which makes it vulnerable to file dumping and file sprawl (Figure 1). Many software programs write temporary files to the /tmp directory, which can be a problem for a system administrator when determining which files to keep and which to remove. When removing files from /tmp, you must use some discernment. Applications currently in use by users might have temporary files open, and the application will crash or throw an error if the files are removed unexpectedly. Also, a user might lose all their work since the last save point.

Figure 1: Permissions make the /tmp directory vulnerable to file sprawl.

Although rebooting a Linux server removes all files from /tmp, system administrators are reluctant to reboot server systems without good reason, and cleaning /tmp is rarely reason enough for a reboot. Just because /tmp can be written to by anyone, files are not vulnerable to accidental or purposeful removal by other users. In Figure 1, the t in the sticky bit at the end of the permissions list (drwxrwxrwxt ) for the temp file indicates that only the original file owner can remove it. Of course, the root user can remove any file.

To remove files from /tmp safely, use a script like

find /tmp -mtime +7 | egrep -v "`lsof -n +D /tmp | awk 'NR>1 {print $9}'| tr \\n \|`"

that looks for files that haven't been modified for seven days and are not currently open by a user or an application.

The /home Directory

The first rule for system administrators is: Don't remove anything from /home without a verified backup. Users get upset when administrators perform sweeping removals, no matter how necessary they are. A full /home directory won't stop critical system operations, but your help desk ticket queue will fill accordingly. The most effective method for cleaning the /home directory is to notify system users and have them perform the necessary removals. The best method to help users identify files they might want to remove or archive is to run a script that lists all files that users haven't accessed in more than 180 days:

find /Users -atime +180 -type f

The thinking is that if a user hasn't accessed a file in six months, it is a good candidate for archiving or removal. Warn users that files they haven't accessed in more than 180 days will be removed from the system.

The process should proceed as follows:

1. Run the access time script to capture the list of files for removal.

2. Warn users of the impending removal process with a due date.

3. Back up the /home directory.

4. Give users a final warning before removal.

5. Remove the files.

The backup will allow you to retrieve any irreplaceable files for a user after the removal event.

You can adapt this basic process as necessary for your own needs. In some environments, it might not be politically expedient to delete old files as the default, but it is still helpful to send users a report of the files they haven't used recently to encourage them to clean up. In other settings, you might want to exclude specific subdirectories from the cleanup process, so users can retain important documents for later reference, even if they aren't in active use.

The /var Directory

The same rules and advice apply to /var that apply to /tmp. You should proceed with caution because many applications write /var subdirectories, and some web servers hold permanent files under /var/www/html. An overzealous rm statement could wipe out an entire web service.

Various system cleanup applications exist (e.g., tmpreaper and bleachbit) to help you maintain a clean system.

Buy this article as PDF

Express-Checkout as PDF
Price $2.95
(incl. VAT)

Buy ADMIN Magazine

SINGLE ISSUES
 
SUBSCRIPTIONS
 
TABLET & SMARTPHONE APPS
Get it on Google Play

US / Canada

Get it on Google Play

UK / Australia

Related content

comments powered by Disqus